使用者帳戶和適用於 Linux 的 Windows 子系統的權限User Accounts and Permissions for Windows Subsystem for Linux

建立您的 Linux 使用者是新的 Linux 散發套件在 WSL 上所設定的第一個步驟。Creating your Linux user is the first step in setting up a new Linux distribution on WSL. 您所建立的第一個使用者帳戶會自動設定使用幾個特殊的屬性:The first user account you create is automatically configured with a few special attributes:

  1. 是您預設的使用者--它登入時自動啟動。It is your default user -- it signs-in automatically on launch.
  2. 它是預設的 Linux 系統管理員 (sudo 群組的成員)。It is Linux administrator (a member of the sudo group) by default.

適用於 Linux 的 Windows 子系統上執行的每個 Linux 散發套件都有自己的 Linux 使用者帳戶和密碼。Each Linux distribution running on the Windows Subsystem for Linux has its own Linux user accounts and passwords. 您必須設定的 Linux 使用者帳戶新增通訊群組、 重新安裝,或重設的任何時間。You will have to configure a Linux user account any time you add a distribution, reinstall, or reset. Linux 使用者帳戶不是只有獨立每個散發,它們也是獨立於您的 Windows 使用者帳戶。Linux user accounts are not only independent per distribution, they are also independent from your Windows user account.

重設 Linux 密碼Resetting your Linux password

如果您可以存取您的 Linux 使用者帳戶,而且知道您目前的密碼,將它變更 linux 密碼重設工具,該分佈,最可能的passwdIf you have access to your Linux user account and know your current password, change it using Linux password reset tools of that distribution -- most likely passwd.

如果不是可行,根據散發套件,您可以藉由重設預設的使用者重設密碼。If that's not an option, depending on the distribution, you may be able to reset your password by resetting the default user.

WSL 會提供預設的使用者標記,來識別哪一個使用者帳戶自動登入,當您啟動 WSL。WSL offers a default user tag to identify which user account automatically logs in when you start a WSL. 由於許多散發套件包含根,也是以根使用者設定預設的使用者,且不需要密碼設定的命令,變更至根目錄的預設使用者是一個便利的工具,針對密碼重設等。Since many distributions include commands to set the default user to root and also a root user with no password set, changing the default user to root is a handy tool for things like password reset.

Creators Update 及更早版本For Creators Update and earlier

如果您執行 Windows 10 Creators update 或更早版本,您可以變更預設 Bash 使用者執行下列命令:If you're running Windows 10 Creators update or earlier, you can change the default Bash user by running the following commands:

  1. 變更預設使用者root:Change the default user to root:

    C:\> lxrun /setdefaultuser root
    
  2. 執行bash.exe立即登入成root:Run bash.exe to now login as root:

    C:\> bash.exe
    
  3. 重設密碼使用散發套件的 密碼 命令,並關閉 Linux 主控台:Reset your password using the distribution's password command, and close the Linux Console:

    $ passwd username
    $ exit
    
  4. 從 Windows CMD 重設為一般 Linux 使用者帳戶的預設使用者:From Windows CMD, reset your default user back to your normal Linux user account:

    C:\> lxrun.exe /setdefaultuser username
    

Fall Creators Update 和更新版本For Fall Creators Update and later

若要查看哪些命令可供特定的分佈,請執行[distro.exe] /?To see what commands are available for a particular distribution, run [distro.exe] /?.

例如,使用 Ubuntu 安裝:For example, with Ubuntu installed:

C:\> ubuntu.exe /?

Launches or configures a linux distribution.

Usage:
    <no args>
      - Launches the distro's default behavior. By default, this launches your default shell.

    run <command line>
      - Run the given command line in that distro, using the default configuration.
      - Everything after `run ` is passed to the linux LaunchProcess cal

    config [setting [value]]
      - Configure certain settings for this distro.
      - Settings are any of the following (by default)
        - `--default-user <username>`: Set the default user for this distro to <username>

    clean
      - Uninstalls the distro. The appx remains on your machine. This can be
        useful for "factory resetting" your instance. This removes the linux
        filesystem from the disk, but not the app from your PC, so you don't
        need to redownload the entire tar.gz again.

    help
      - Print this usage message.

使用 Ubuntu 的逐步指示的步驟:Step by step instructions using Ubuntu:

  1. 開啟 CMDOpen CMD

  2. 若要設定預設的 Linux 使用者root:Set the default Linux user to root:

    C:\> ubuntu config --default-user root
    
  3. 啟動您的 Linux 散發套件 (ubuntu)。Launch your Linux distribution (ubuntu). 您會自動登入為root:You will automatically login as root:

  4. 重設您的密碼使用passwd命令:Reset your password using the passwd command:

    $ passwd username
    
  5. 從 Windows CMD 重設為一般 Linux 使用者帳戶的預設使用者。From Windows CMD, reset your default user back to your normal Linux user account.

    C:\> ubuntu config --default-user username
    

PermissionsPermissions

有兩個重要的概念,要牢記在心,就在 WSL 的權限:There are two important concepts to keep in mind when it comes to permissions in WSL:

  1. Windows 權限模型會控管 Windows 資源的處理序的權限The Windows permission model governs a process' rights to Windows resources
  2. Linux 的權限模型控制 Linux 資源的處理序的權限The Linux permission model controls a process' rights to Linux resources

當 Linux 在 WSL 上執行,Linux 會有相同的 Windows 權限,其啟動的程序。When running Linux on WSL, Linux will have the same Windows permissions as the process that launches it. 可以在其中兩個權限等級中啟動 Linux:Linux can be launched in one of two permission levels:

  • 一般 (非提高權限):Linux 執行的登入的使用者權限Normal (non-elevated): Linux runs with the permissions of the logged-in user
  • 提高權限/系統管理:以提高權限/系統管理員的 Windows 權限執行的 LinuxElevated/admin: Linux runs with elevated/admin Windows permissions

提高權限的程序可以存取/修改 (且因此損害) 全系統設定和系統寬/受保護的資料,因為避免啟動提升權限的處理序,除非絕對需要的時候-它們是 Windows 或 Linux應用程式/tools/殼層 !Because elevated processes can access/modify (and therefore damage) system-wide settings and system-wide/protected data, AVOID launching elevated processes unless you absolutely have to - whether they're Windows or Linux applications/tools/shells!

上述的 Windows 權限是獨立的中的 Linux 執行個體的權限:Linux 「 根權限 」 只會影響使用者的權限中的 Linux 環境與檔案系統;它們會將不會影響對授與 Windows 權限。The above Windows permissions are independent of the permissions within a Linux instance: Linux "Root privileges" only impact the user’s rights within the Linux environment & filesystem; they have no impact on the Windows privileges granted. 因此,以 root 身分執行 Linux 處理序 (例如,透過sudo) 只會處理在 Linux 環境中的系統管理員權限授與。Thus, running a Linux process as root (e.g. via sudo) only grants that process admin rights within the Linux environment.

範例: Example:
Windows 系統管理員權限的 Bash 工作階段可以存取cd /mnt/c/Users/Administrator沒有系統管理員權限就會看到 「 拒絕的權限 」 的錯誤時的 Bash 工作階段。A Bash session with Windows admin privileges may access cd /mnt/c/Users/Administrator while a Bash session without admin privileges would see a "Permission Denied" error.

在 Linux 中,輸入sudo cd /mnt/c/Users/Administrator由於 Windows 內的權限由 Windows,將會授與系統管理員的目錄的存取權。In Linux, typing sudo cd /mnt/c/Users/Administrator will not grant access to the Administrator’s directory since permissions within Windows are managed by Windows.

Linux 的權限模型是很重要時,使用者已根據目前的 Linux 使用者的權限的 Linux 環境內。The Linux permission model is important when inside the Linux environment where the user has permissions based on the current Linux user.

範例:Example:
Sudo 群組中的使用者可以執行sudo apt updateA user in the sudo group may run sudo apt update.